Bleeping Computer

Exploit available for critical bug in VM2 JavaScript sandbox library

Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to run code securely ...
ZDNet

Firefox zero-day: Mozilla races to patch bug used to attack Tor browser users

Users of online anonymity network Tor are facing a new attack that uses nearly identical code to a Firefox exploit used by the FBI in 2013. Tor co-founder Roger Dingledine says Mozilla is working on a ...
Engadget

'Rainbow tweets' start hammering Twitter after onMouseOver exploit discovered

Oh dear. Some wise guys have discovered a JavaScript exploit in Twitter's web interface, which uses an onMouseOver instruction to hijack your own tweeting voice and force you to say things you don't ...
Lifehacker

Mouse-Over Exploit Hits Twitter.com

A JavaScript exploit has allowed all kinds of not-at-all-safe-for-work sites to pop up sites and text through Twitter.com, and force a re-tweet, even if all a user does is move their mouse over a ...
Engadget

Tor browser for Windows exploit discovered, malware may be gathering info for Uncle Sam ...

It was just over two years ago that the paragon of internet privacy, the Tor project, decided to build its own browser by forking Firefox. Wired reports that an exploit of that very same browser has ...
Computerworld

Exploit code appears for Microsoft Agent bug

It took less than 24 hours for attackers to crank out proof-of-concept code targeting the one critical vulnerability disclosed — and patched — Tuesday morning by Microsoft, security researchers warned ...
Reuters

Kill JavaScript in Adobe Reader to ward off zero-day exploit, experts urge

Users should disable JavaScript in Adobe's Reader and Acrobat tools to protect themselves until a patch for a just-disclosed vulnerability is available, security experts said today. The advice is ...